#!c:\Perl\bin\Perl.exe -T --
use strict;
use warnings;
use CGI qw{ :standard };
use CGI::Carp qw(fatalsToBrowser);
use File::Copy;
use DBI;
my $editnew = param('editnew');
my $createfrom = param('createfrom');
if ($editnew eq "edit")
{
print redirect("workplan.pl?workplan=$createfrom");
}
elsif ($editnew eq "new")
{
my $newname = param('newname');
# strip all non-word, doesn't untaint
s/\W// for $createfrom, $newname;
die "Missing parameters newname and createfrom" unless $createfrom
+ and $newname;
# limit filename to \w, untaint, see perldoc perlsec
#same as below /(\w+)/ and $_ = $1 for $createfrom, $newname;
$createfrom = $1 if $createfrom =~ /(\w+)/;
$newname = $1 if $newname =~ /(\w+)/;
copy("$createfrom.db","$newname.db") or die qq~copy("$createfrom.d
+b","$newname.db") failed : $!~;
my $database = DBI->connect("dbi:SQLite:dbname=$newname.db","","")
+ or die "$DBI::errstr\n";
$database->do("delete from edits");
$database->do("insert into edits values(0,0,0,0,'')");
$database->disconnect();
print redirect("workplan.pl?workplan=$newname")
}
__END__
|